Cedar Rapids Schools Admit To Paying Cyber Attack Ransom
When a business or other entity is targeted by a cyber attack, often times the perpetrators will demand a ransom. A payment meant to stop the release of sensitive information that hackers may have had access to. Do you pay the money or risk that information getting out?
That was the situation the Cedar Rapids Community School District had in front of them following a cyber attack back in July. The Cedar Rapids Gazette reports that in a letter sent out to parents in the district, superintendent Noreen Bush confirmed that the school district did in fact pay the ransom demand made by the attackers. In the letter, Bush stated
We made this decision after consulting closely with cyber security experts and legal counsel and determining it was in the best interest of our school community.
The Gazette reports that the letter to parents did not disclose how much the school district paid. It did also not provide the name of the group responsible for the attack. Bush also noted in the letter that the school district had worked with its IT staff and security experts to make sure that such an attack never happens again.
The Gazette reports that schools are easy targets for cyber attacks because they are often not prepared enough to keep sensitive data safe. Among the information stolen from the Cedar Rapids school district were staff's full names, social security numbers, driver's license numbers, bank account and routing numbers, and medical information.